CVE-2017-14058 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Denial of service |
Description | In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop). |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-405 | ffmpeg2.8 | 2.8.12-1 | 2.8.13-1 | Medium | Fixed | |
AVG-400 | ffmpeg | 1:3.3.3-2 | 1:3.3.4-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
28 Sep 2017 | ASA-201709-23 | AVG-405 | ffmpeg2.8 | Medium | denial of service |
15 Sep 2017 | ASA-201709-10 | AVG-400 | ffmpeg | Medium | denial of service |
References |
---|
https://github.com/FFmpeg/FFmpeg/commit/7ec414892ddcad88313848494b6fc5f437c9ca4a |